1   1  /  1  页   跳转

中毒以后瑞星不能启动

收藏
微笑的鲨鱼
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2005-04-02
  • 来自:
发表于: 2007-04-04 13:56 | 只看楼主 短消息 资料
字号: 1楼

中毒以后瑞星不能启动

2007-04-04,13:35:05

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
    <kavshell><C:\WINDOWS\system32\svch0st.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <HotKey><C:\WINDOWS\WASAY\HOTKEY.EXE>  [N/A]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"E:\软件\Rising\Rising\rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><; "E:\软件\Rising\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe crs.exe>  [N/A]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{E272C1EF-275E-4733-FF5E-13455234524F}><C:\WINDOWS\system32\nwlpri.dll>  [N/A]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

==================================
最后编辑2007-04-04 13:50:37
分享到:
gototop
 
微笑的鲨鱼
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2005-04-02
  • 来自:
发表于: 2007-04-04 13:57 | 只看楼主 短消息 资料
字号: 2楼

启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MSSQLSERVER / MSSQLSERVER]
  <C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe -sMSSQLSERVER><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <e:\软件\rising\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <E:\软件\Rising\Rising\Rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"E:\软件\Rising\Rising\rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[SQLSERVERAGENT / SQLSERVERAGENT]
  <C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE -i MSSQLSERVER><Microsoft Corporation>
[Windows SystemDown / WindowsDown]
  <C:\WINDOWS\system32\servet.exe><N/A>

==================================
驱动程序
[acpidisk / acpidisk]
  <\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[Service for WDM 3D Audio Driver / ALCXSENS]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[HookUrl / HookUrl]
  <\??\E:\软件\Rising\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[mProcRs / mProcRs]
  <\??\e:\软件\rising\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[Netgroup Packet Filter / NPF]
  <system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv]
  <\??\E:\软件\Rising\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver / rtl8139]
  <system32\DRIVERS\R8139n51.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}]
  <system32\drivers\ialmsbw.sys><Intel Corporation>

==================================
gototop
 
微笑的鲨鱼
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2005-04-02
  • 来自:
发表于: 2007-04-04 13:58 | 只看楼主 短消息 资料
字号: 3楼

启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MSSQLSERVER / MSSQLSERVER]
  <C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe -sMSSQLSERVER><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <e:\软件\rising\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <E:\软件\Rising\Rising\Rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"E:\软件\Rising\Rising\rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[SQLSERVERAGENT / SQLSERVERAGENT]
  <C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE -i MSSQLSERVER><Microsoft Corporation>
[Windows SystemDown / WindowsDown]
  <C:\WINDOWS\system32\servet.exe><N/A>

==================================
驱动程序
[acpidisk / acpidisk]
  <\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[Service for WDM 3D Audio Driver / ALCXSENS]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[HookUrl / HookUrl]
  <\??\E:\软件\Rising\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[mProcRs / mProcRs]
  <\??\e:\软件\rising\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[Netgroup Packet Filter / NPF]
  <system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv]
  <\??\E:\软件\Rising\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver / rtl8139]
  <system32\DRIVERS\R8139n51.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}]
  <system32\drivers\ialmsbw.sys><Intel Corporation>

==================================
gototop
 
微笑的鲨鱼
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2005-04-02
  • 来自:
发表于: 2007-04-04 13:59 | 只看楼主 短消息 资料
字号: 4楼

浏览器加载项
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(广州)科技有限公司>
[豪杰超级解霸V8]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\Herosoft\HeroV8\STHSDVD.EXE, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[zflprnocx.prnocx]
  {4E117D82-1E63-473B-B41F-9BE9BA154E87} <C:\WINDOWS\Downloaded Program Files\zflprnocx.ocx, 银川盛达丰软件技术有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(广州)科技有限公司>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 448][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 512][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 536][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\winlib .dll]  [N/A, N/A]
[PID: 580][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 592][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 740][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 784][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 876][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 924][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 984][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1068][E:\软件\Rising\Rising\Rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 34]
    [E:\软件\Rising\Rising\Rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
    [E:\软件\Rising\Rising\Rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [E:\软件\Rising\Rising\Rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
    [E:\软件\Rising\Rising\Rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [E:\软件\Rising\Rising\Rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
    [E:\软件\Rising\Rising\Rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1252][C:\WINDOWS\Explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\nwlpri.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\SysAd5f\Ghook.dll]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\Rav30.dll]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\Qqzo0.dll]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\LgSy0.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\upxdnd.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cmdbc.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\winform.dll]  [N/A, N/A]
    [C:\WINDOWS\TEMP\upxdnd.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3,0,0,1847]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3,0,0,1847]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3,0,0,1847]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,1847]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3,0,0,1847]
    [C:\WINDOWS\WASAY\hook.dll]  [N/A, N/A]
    [E:\软件\Rising\Rising\rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\ntmsusr.dll]  [N/A, N/A]
[PID: 1380][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1544][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.21]
    [C:\SysAd5f\Ghook.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
[PID: 1628][C:\WINDOWS\WASAY\HOTKEY.EXE]  [N/A, N/A]
    [C:\WINDOWS\WASAY\hook.dll]  [N/A, N/A]
[PID: 1764][C:\SysAd5f\svchost.exe]  [N/A, N/A]
    [C:\SysAd5f\Ghook.dll]  [N/A, N/A]
[PID: 1796][C:\WINDOWS\system32\svch0st.exe]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\djxazg.dll]  [N/A, N/A]
    [C:\SysAd5f\Ghook.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
[PID: 272][C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.0194.00]
[PID: 264][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 824][C:\program files\internet explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 832][C:\WINDOWS\system32\cmd.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 968][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2260][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3552][E:\软件\Rising\Rising\Rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
    [E:\软件\Rising\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [E:\软件\Rising\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [E:\软件\Rising\Rising\Rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [E:\软件\Rising\Rising\Rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [E:\软件\Rising\Rising\Rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\SysAd5f\Ghook.dll]  [N/A, N/A]
[PID: 1596][C:\WINDOWS\system32\crs.exe]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\SysAd5f\Ghook.dll]  [N/A, N/A]
[PID: 2464][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll]  [金泰丰(广州)科技有限公司, 2, 3, 0, 0]
    [C:\SysAd5f\Ghook.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cmdbc.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\winform.dll]  [N/A, N/A]
    [C:\WINDOWS\WASAY\hook.dll]  [N/A, N/A]
    [E:\软件\Rising\Rising\rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 436][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\SysAd5f\Ghook.dll]  [N/A, N/A]
[PID: 392][C:\Documents and Settings\user\桌面\42006113122516\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\SysAd5f\Ghook.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cmdbc.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\winform.dll]  [N/A, N/A]
gototop
 
微笑的鲨鱼
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2005-04-02
  • 来自:
发表于: 2007-04-04 14:00 | 只看楼主 短消息 资料
字号: 5楼

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
61.188.38.107      www.9605899.com
61.188.38.107      hyap98.com
61.188.38.107      www.hyap98.com
61.188.38.107      82087871.com
61.188.38.107      www.82087871.com
61.188.38.107      47555.cn
61.188.38.107      nc.47555.cn
61.188.38.107      cn.47555.cn
61.188.38.107      crsky.47555.cn
61.188.38.107      www.47555.cn

==================================
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT